Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/6fCcKJ7XLDARDRjup7qPUaUKpws.roa
File: 6fCcKJ7XLDARDRjup7qPUaUKpws.roa (raw, json)
Hash identifier: 80zF5RmbmdwF/KLV3Aedbgy643ygykJmiemEMir2SAI=
Subject key identifier: E9:F0:9C:28:9E:D7:2C:30:11:0D:18:EE:A7:BA:8F:51:A5:0A:A7:0B
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018CC9BBC81E16E468E9994003401D975043
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/6fCcKJ7XLDARDRjup7qPUaUKpws.roa
Signing time: Tue 02 Jan 2024 10:32:56 +0000
ROA not before: Tue 02 Jan 2024 10:32:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12301
IP address blocks: 195.228.4.0/24 maxlen: 24
195.228.112.0/24 maxlen: 24
84.1.236.0/24 maxlen: 24
84.2.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 07:03:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:c8:1e:16:e4:68:e9:99:40:03:40:1d:97:50:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 10:32:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9f09c289ed72c30110d18eea7ba8f51a50aa70b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f6:fa:c8:61:b1:d3:e3:95:75:0c:00:ad:15:
5c:d5:5f:38:16:46:e9:40:86:46:50:12:a5:d2:f9:
40:53:4c:f7:4a:ad:03:24:0d:fc:28:5e:2a:5d:04:
02:c2:93:79:e8:38:48:35:a7:f8:54:80:6f:af:12:
ac:69:77:2d:a1:40:b2:c4:dd:31:53:a2:80:c7:5f:
ac:a9:d8:4b:11:2f:d8:d2:d3:af:a8:ca:4d:d6:63:
8e:c6:c8:5f:e5:e5:b7:d4:51:94:3b:5c:70:b0:90:
50:fa:92:f5:70:5d:6f:1a:b8:82:8c:ad:a9:9e:56:
cc:5c:d2:41:ea:4b:55:35:8a:75:c9:cb:f9:fb:26:
3d:ca:f8:53:0e:ec:80:ff:47:55:b9:b3:2e:4f:af:
5f:1e:2e:6a:be:89:f1:96:0d:8c:4c:c6:09:ab:6e:
a1:52:7c:47:46:b1:ed:44:53:fe:27:2f:ae:4d:44:
04:a2:f1:3d:f4:6f:47:28:8e:35:21:4a:b6:5f:bd:
54:a7:fc:16:5f:80:c2:8c:a2:21:59:b6:81:55:52:
47:48:81:ab:53:4d:f1:14:dd:84:b3:04:14:fd:7d:
a0:a1:c4:cc:2f:d9:7c:8a:41:fb:de:98:4f:b9:07:
e8:a3:c8:24:37:aa:7c:47:04:f2:0d:6e:d1:56:ae:
e8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F0:9C:28:9E:D7:2C:30:11:0D:18:EE:A7:BA:8F:51:A5:0A:A7:0B
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/6fCcKJ7XLDARDRjup7qPUaUKpws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.1.236.0/24
84.2.54.0/24
195.228.4.0/24
195.228.112.0/24
Signature Algorithm: sha256WithRSAEncryption
31:38:37:96:43:1e:2a:83:74:d4:a7:3c:4c:02:c5:4d:83:1a:
d0:8b:90:5b:48:c9:e6:0d:ee:8d:24:1f:ee:87:d1:e2:31:9f:
05:b5:98:d7:93:a8:d9:12:38:bd:68:d9:75:20:a2:dd:03:26:
0b:74:1c:35:e7:85:a5:f9:99:ef:e6:5a:79:62:7f:81:bd:9b:
1c:71:1c:d9:c9:06:87:21:e1:5c:02:dd:9b:19:66:81:00:c2:
00:df:6c:64:50:a1:c4:12:26:2e:bb:71:0f:89:46:4d:ab:7c:
b0:98:f3:4b:2e:0b:9b:1b:e5:ff:ca:7b:3b:f4:48:45:ba:8c:
ff:08:b2:45:c4:5a:f5:e2:bd:2f:60:f2:2f:0c:39:91:de:e9:
a5:9a:4e:62:1d:a9:30:4b:b1:6d:02:80:ae:af:73:e2:f1:b7:
8b:42:82:b3:a6:fb:e3:40:16:ed:db:28:c6:f8:46:dc:8f:b8:
b1:d4:a3:6e:70:d6:43:58:ee:52:b8:37:fd:ed:ea:94:e1:fd:
65:91:ef:2d:21:5a:16:97:84:82:82:9f:11:2e:f3:fc:de:a5:
c9:de:e1:19:e9:51:c3:d6:bc:09:41:b1:71:f1:ef:ab:58:46:
4c:6d:bf:97:02:cd:a0:87:06:85:2c:b7:6f:fc:3a:94:14:25:
e3:78:c1:d0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJu8geFuRo6ZlAA0Adl1BDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjQwMTAyMTAzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWYwOWMyODllZDcyYzMwMTEwZDE4ZWVhN2JhOGY1MWE1MGFhNzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvb6yGGx0+OVdQwArRVc1V84Fkbp
QIZGUBKl0vlAU0z3Sq0DJA38KF4qXQQCwpN56DhINaf4VIBvrxKsaXctoUCyxN0x
U6KAx1+sqdhLES/Y0tOvqMpN1mOOxshf5eW31FGUO1xwsJBQ+pL1cF1vGriCjK2p
nlbMXNJB6ktVNYp1ycv5+yY9yvhTDuyA/0dVubMuT69fHi5qvonxlg2MTMYJq26h
UnxHRrHtRFP+Jy+uTUQEovE99G9HKI41IUq2X71Up/wWX4DCjKIhWbaBVVJHSIGr
U03xFN2EswQU/X2gocTML9l8ikH73phPuQfoo8gkN6p8RwTyDW7RVq7oPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOnwnCie1ywwEQ0Y7qe6j1GlCqcLMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvNmZDY0tKN1hMREFSRFJqdXA3cVBVYVVLcHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVAHsAwQA
VAI2AwQAw+QEAwQAw+RwMA0GCSqGSIb3DQEBCwUAA4IBAQAxODeWQx4qg3TUpzxM
AsVNgxrQi5BbSMnmDe6NJB/uh9HiMZ8FtZjXk6jZEji9aNl1IKLdAyYLdBw154Wl
+Znv5lp5Yn+BvZsccRzZyQaHIeFcAt2bGWaBAMIA32xkUKHEEiYuu3EPiUZNq3yw
mPNLLgubG+X/yns79EhFuoz/CLJFxFr14r0vYPIvDDmR3umlmk5iHakwS7FtAoCu
r3Pi8beLQoKzpvvjQBbt2yjG+Ebcj7ix1KNucNZDWO5SuDf97eqU4f1lke8tIVoW
l4SCgp8RLvP83qXJ3uEZ6VHD1rwJQbFx8e+rWEZMbb+XAs2ghwaFLLdv/DqUFCXj
eMHQ
-----END CERTIFICATE-----
Generated at Mon May 20 15:31:22 2024 by rpki-client on console-ams.rpki-client.org